package com.crm.jdy.common.shiro;

import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {

    @Bean
    public Realm myRealm() {
        return new MyRealm();
    }

    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(myRealm());
        return manager;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
        ShiroFilterFactoryBean filter = new ShiroFilterFactoryBean();
        filter.setSecurityManager(securityManager());
        //加入自定义的filter
        Map<String, Filter> filterMap = filter.getFilters();
//        filterMap.put("client", new ClientShiroThree());
        filter.setFilters(filterMap);
        //定义相关路径
        filter.setLoginUrl("/nologin");
        filter.setUnauthorizedUrl("/noAuthorize");
        //定义拦截路径,记得将静态资源也排除过滤
        /*进行权限的控制,必须使用LinkHashMap,shrio要按照顺序进行设置*/
        Map<String, String> authMap = new LinkedHashMap<>();
        //swagger接口权限开放
        authMap.put("/swagger-ui.html", "anon");
        authMap.put("/webjars/**", "anon");
        authMap.put("/v2/**", "anon");
        authMap.put("/swagger-resources/**", "anon");
        authMap.put("/guest/**", "anon");
        authMap.put("/static/**", "anon");
        authMap.put("/nologin/**", "anon");
        authMap.put("/jmreport/**", "anon");
//        authMap.put("/login/**", "anon");
//        authMap.put("/basunessMessage/kong/**", "roles[kong]");
        authMap.put("/**", "anon");
        filter.setFilterChainDefinitionMap(authMap);
        //配置完成
        System.out.println("---------------shirofactory创建成功");
        return filter;
    }

    @Bean(name = "lifecycleBeanPostProcessor")
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
        creator.setProxyTargetClass(true);
        return creator;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
            DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }

}
